[95813] in North American Network Operators' Group
Re: Blocking mail from bad places
daemon@ATHENA.MIT.EDU (Thomas Leavitt)
Wed Apr 4 14:15:14 2007
Date: Wed, 04 Apr 2007 11:12:22 -0700
From: Thomas Leavitt <thomas@thomasleavitt.org>
To: Ken Simpson <ksimpson@mailchannels.com>
Cc: nanog@merit.edu
In-Reply-To: <20070404154632.GA5091@mailchannels.com>
Errors-To: owner-nanog@merit.edu
That makes sense, and matches up with my experience... you also have
"amateur" spammers just doing stuff manually (as well as spammers paying
people pennies a page to input CAPTCHA responses).
Another issue is that the unsolicited contact paradigm blurs a bit, when
you have musicians and promoters and organizations with causes, etc. all
asking to be "added as a friend"... the situation becomes one of those
"I know spam when I see it." ones...
Ken Simpson wrote:
>> Some of it is quite sophisticated: full blown "instant" profiles with
>> fake comments ... the smarter spammers actually make the profile look
>> real (often lifting material from legit user profiles), and then
>> just ...
>>
>
> At the MIT Spam Conference, I was talking to MySpace's anti spam
> researcher. He said that they see many profiles that look totally
> legit and which have been carefully nurtured for more than six months
> -- and then the formally legit profile suddenly becomes the drop site
> for a Phishing campaign or other spam repository.
>
> Captchas apparently help quite a bit to stem this kind of problem
> because they install a technical barrier that, while not impossible to
> break through programatically, at least delays things a bit and
> reduces the ROI for the spammer.
>
> Regards,
> Ken
>
>